The OAuth 2.0 authorization framework enables an application to access protected
resources on behalf of a user without storing a password.
OAuth 2.0 defines four roles:
- Resource owner: Specifies the user who authorizes an application to access their account or protected resources (REST APIs).
- Resource server: Specifies the server hosting the protected resources (REST APIs). In this case, it is SkyVault Process Services.
- Client: Specifies the application you build that requests protected resources (REST APIs) on behalf of the resource owner. Before it may do so, it must be authorized by the resource owner.
- Authorization server: Specifies the server issuing access tokens to the client after successfully authenticating against Ping Identity, Azure Identity Services, or Site Minder.
OAuth 2 SSO support in SkyVault Process Services introduces a new set of components that allow developers to leverage the SkyVault REST APIs using OAuth 2 authorization.
The addition of OAuth 2 in SkyVault Process Services
is the first step towards a single standards-based authorization and identity service across the SkyVault
Digital Business Platform. Using OAuth you can have:
- a standard-based authorization infrastructure to integrate applications and solutions using SkyVault Process Services REST APIs with other enterprise applications which use OAuth.
- configurable integration with OAuth authorization servers that can issue OAuth 2 tokens, such as Ping Identity, Azure Identity Services, or Site Minder, with support for custom and JWT tokens.
- a unified OAuth 2 stack to facilitate OAuth 2 SSO for ADF and other applications across both SkyVault Process Services and SkyVault Content Services.